IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 

In re: the Patent Application of 
Alan HAAKSMA, et al. 

Application No. 09/925,571 

Application Filing Date: August 9, 2001 
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A CONVENIENTLY ACCESSIBLE 
PORTABLE MEDICAL HISTORY 

DECLARATION OF ALAN HAAKSMA UNDER 37 CFR 8 1.131 

1. Alan Haaksma, declare the following: 

L I am Alan Haaksma, a co-inventor of the subject matter described and claimed in 
the patent application identified above (the "Application"). 

2. I have personal knowledge of the facts set forth in this Declaration regarding the 
conception and diligent reduction to practice of the invention described and claimed in the 
Application. 

3 . My co-inventor, Dustin Ide, and I conceived the invention disclosed and claimed 
in the Application (at least that in claims 1-1 1 and 13-44) (the "Invention in the Claims") before 
February 6, 2001 (the "Reference Date") and engaged in diligent efforts to reduce it to practice 
from a date before the Reference Date continuously until it was actually or constructively 
reduced to practice. 

4. Dustin Ide and I conceived of the conceived of the invention in the Claims 
months before the Reference Date. 


Before the Examiner 

RobertD. RINES 

Art Unit 3626 
Date: July 17,2008 
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5. The Invention in the Claims provided the technological basis for a business plan 
that was developed in the ordinary course of business by a Canadian company known as The 
Statum Group (the "Business Plan"). I participated in development of that Business Plan. 


as early as May 2000. 

7. The Business Plan included the section describing the underlying technology, 
which is attached as Annex A to this Declaration. Annex A reflects our possession of the 
Invention in the Claims in or before May 2000, which is before the Reference Date. The 
remainder of the Business Plan includes confidential business information proprietary to The 
Statum Group, but is available for non-public disclosure to the Office if necessary. 

8. The Invention in the Claims is also reflected in Annex B, a proposed software 
specification that was derived from discussions between The Statum Group and Coolwater Inc., 
developers with whom we worked to implement the Invention in the Claims. The document in 
Annex B was created on or before December 22, 2000. 

9. We implemented a working version of a system implementing the Invention in the 
Claims before the Reference Date, The document in Annex C is a notice that was given to a Dr. 
Peter R. Newman as part of the actual operation of the system and in the ordinary course of the 
business of The Statum Group. Annex C is dated January 30, 2001, which is before the 
Reference Date. 

I pftfypte Jliese statements under penalty of perjury pursuant to 18 U.S.C. §1001. 


6. 


I personally conveyed a copy of the Business Plan to my patent attorney at least 
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Annex A 


7. Operations and Technology 


Background 

The LifeLineCD was originally envisioned as a secure Internet service allowing physicians to 
access a subscribing patient's medical record in an emergency situation. As we developed the 
product and researched the market, it became evident that a purely Internet model does not address 
all the issues surrounding a truly secure, portable and accessible medical record. 

□ The public's perception is that the Internet is not secure enough for the transmission and 
storage of medical records. 

□ The current infrastructure of the Internet and the low incidence of high-speed access make 
the rapid transfer of images difficult. 

□ Hospitals are more likely to have CD-ROM hardware than Internet access. 

□ Many physicians lag behind the technology curve and the CD solution is currently the 
simplest way to share this type of information. 

Because of these issues our patent pending software was taken off line and placed on a credit card 
sized CD. The medical record is viewed in the computer's web browser using the same technology 
employed by the Internet today, but without the need to go online. The CD represents a more 
secure and portable format, eliminating the potentially long download times that would be 
unacceptable in an acute situation, and uneasiness with posting private medical information on the 
web. However, the operational model left some issues unresolved: 

□ The ability to' capture the required information from the primary care giver and deliver the 
product to the patient in a timely and cost effective manner. 

□ The ability to maintain an updated record in near real time. 

□ The ability to capture data without any intervention by Statum, thus limiting our liability to 
virtually zero, should the data be erroneous. 

Current Development 

Clearly, a "best of both worlds" scenario is required. An online / offline or dynamic and static 
version of the software solves these issues. The information is collected dynamically or through the 
Internet while the; compiled medical information is stored in the secure, portable and accessible 
format of a CD card, which is carried by the customer. 

The LifeLineCD is produced using an Application Service Provider model, described hereunder. 
LifeLineCD ASP 

The Application Service Provider software strategy offers a three-fold advantage: 

1. Provides unparalleled privacy and security, thus winning the confidence of patients, and 
maintaining the integrity of the patient-physician relationship. 

2. Reduces costs in the record collection and updating process, and therefore the retail price; 


and 

3. Builds a barrier to entry by competitors, by seamlessly integrating Statum's business 
processes with those of the partner medical institution. 


The future iterations of the software and process flow must address the above issues if the product 
is to be successful on a global scale. In order to optimize the LifeLineCD potential the LifeLineCD 
application software will be available over the Internet or secure dial-up service. There will be no 
need to download or install special software, as the application will work with the existing web 
browser using Extensible Markup Language (XML). Medical Records Institute has defined XML 
as the standard within the Electronic Patient Record Industry. As an option, subscribers to the 
LifeLineCD will also be able to have their records available through the internet as a back up 
should their CD be lost, or damaged. 

Security 

Because of the vulnerability of information passing through cyberspace and the sensitivity of 
medical information, security is of paramount importance. 

□ Permission level is assigned to specific user (Admin/Data Entry/ Approve). 

□ The administrative staff will perform medical record entry tasks, and the supervising 
physician at each site will retain the sole authority to review created records and approve. 

□ Data is encrypted using the PKI (Private Key Infrastructure) 128-bit encryption process. 

Process 

□ Facility contracts with Statum and is issued a Facility ID, password and private key, which 
make up their digital signature. 

□ Hardware issues are identified. The Statum ASP model requires the facility simply to have 
a computer with an Internet connection and a standard fax machine. 

□ Facility connects to ASP application and uses Administrative functionality to create User 
profiles and assign user permissions. 

□ User connects to ASP application and uses data entry functionality to create the patient 
record and collect payment. Payment includes an up-front "subscription" fee, along with a 
monthly maintenance fee, which includes unlimited updates. 

□ Pertinent information such as allergies, medications, and significant medical history as well 
as demographic information is keyed in through the application by the identified person. 

□ The paper record, which includes any ECGs, operative reports, Diagnostic image reports, 
consultant reports, are faxed into the Statum fax server where they are compiled, sorted and 
filed into the appropriate place in the record using proprietary technology. 

□ The Supervising physician reviews patient record and approves, or rejects. 

□ Patient record is merged with pertinent health informatics of specific interest to the patient. 

□ Approved records are queued for production at Statum. 

□ CDs are burned and mailed to the patient or clinic. 

□ Records are posted to the Internet. (Optional at the patient's discretion) 

□ The creation date of the record is noted by the application and an update reminder is sent 
out regularly to ensure that the patient and the participating clinic are up to date. This is one 
of the ways in which the product will strengthen the doctor - patient relationship. 


□ The entire process requires about 20 minutes to create the record. 

□ Statum and the Facility share revenues 50/50, ensuring the Facility's ongoing commitment 
to the LLCD program 

Addressing the issues 

By offering the LifeLineCD using the ASP model we have addressed the major issues surrounding 
the Electronic Patient Record for our application. 

□ The PKI 128-bit encryption process ensures that the data is not only secure during 
transmission; it remains encrypted in our database where only the patient or the physician 
who approved the record can have access. In addition, the digital signature created in the 
PKI process can verify the data's origin. 

□ Because the Internet is used merely as a method of data capture, and the LifeLineCD is a 
static, transportable digital document, the information is accessible immediately and not 
subject to potentially long download times. 

□ The LifeLineCD is accessible through any computer with a CD drive. 

□ The LifeLineCD is extremely easy to start and navigate. The record automatically appears 
onscreen and is thoughtfully organized for quick reference. 

□ Because the LifeLineCD is created where the traditional record resides, the process begins 
at the patient's request and when it is needed. The cost of transmitting the paper record 
through traditional means is significantly reduced, thus eliminating a major cost, and 
making the product available to a greater number of people. 

□ The ASP model allows the participating clinic to maintain an updated record and 
LifeLineCD in near real time. When a change in the patient's health situation warrants an 
updated LifeLineCD the clinic staff makes the change immediately and a new card is sent 
out within 24 hours. 

□ Finally, our ASP model is designed so that no intervention is required by Statum to process 
the patient's LifeLineCD. This limits our liability to that of product failure rather than 
incomplete or erroneous data input. 

Value Added Services 

Once the record is completed at the clinic, our application merges the information contained in it 
with specific information, supplied by a respected and credible source such as First Data Bank, 
related to the patient's heath and wellness. As well, the customer is provided with: 

□ Links to provide additional products and services such as prescription refills and home care 
products to the preferred vendor within the clinic's area, 

□ Searchable database of worldwide medical clinics. 

If requested, the patient's medical records will be made available through a secure Internet site. 
This will begin as an optional feature, but once Internet security and Patient confidence grows, it 
will eventually become the backbone of the LifeLineCD program. . 


ASP Model Process Flow Diagram 
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Customer and Tech Support 


Statum will operate a 24-hour service as well as an Internet support service to handle any customer 
or health care facility issues. This support will be handled transparently in situations where 
LifeLineCD is co-branded or private labeled, and the same service will provide LifeLineCD 
branded support. 

Partner Support 

A dedicated team/individual is tasked with providing full support for each channel partner. The 
emphasis is on providing solutions to their needs on a preemptive or rapid response basis. High 
service standards are a key element of the way Statum manages its relationships with channel 
partners. 

Marketing 

Marketing is one of the functions offered by TechMark Partners, our strategic ally. The current 
group has extensive experience in all areas of direct response marketing and consumer 
communications, and works with channel partners to guide them on marketing programs they may 
wish to run themselves. 
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Proposed Specification: 
LifeLine ASP 


prepared by Michael Mansell, Coolwater Inc. 
prepared for The Statum Group 

December 22, 2000 


abstract 

Statum's LifeLine is a service for the collection and distribution of medical file data. 

UfeLlneCD is an offline operation that involves the manual collection and distribution of 
this data. 

This specification defines the LifeLlneASP (Application Service Provider), a secure 
Internet service for online medical records, featuring automated data capture, data 
acquisition/input, data output/reporting, and data/session security. 
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status of this document 

This section describes the status of this document at the time of its publication. Other 
documents may supersede this document. 

This document is a confidential working draft by Coolwater Inc. for The Statum Group. It 
is inappropriate to use working drafts as reference material or to cite them other than as 
"work in progress". Distribution of this document is limited to parties participating in the 
Non-Disclosure Agreement. 
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introduction 

purpose 

Statum's LifeLine is a service for the collection and distribution of medical file data. 

LifeLlneCD is an offline operation that involves the manual collection and distribution of 
this data. Manual data acquisition costs are extremely high because a third party is 
required to collect data from the doctor's office for delivery to Statum. It also introduces 
a middleman that could create errors in medical data. Data delivery by CD-ROM, while 
very effective, also entails production and distribution costs, as well as placing limits on 
the timeliness and completeness of medical data. Moving operations to an Internet 
based data collection and delivery mechanism reduces much of the current operations, 
costs. It will also improve the timeliness, accuracy, and completeness of the medical 
data, as well as providing the opportunity for on-line medical information services. 

This specification defines the UfeUneASP (Application Service Provider); a secure 
Internet service for online medical records, featuring automated data capture, data 
acquisition/input, data output/reporting, and data/session security. 


terminology 

This specification uses a number of terms to refer to the roles played by participants in, 
and objects of, the UfeUneASP service. 

ASP (Application Service Provider) 

An application service provider is a company that creates a subscription based 
software service. For a periodic fee the ASP provides software and other 
computer based services to users over the Internet or other network mechanism. 

client 

An application program that establishes connections for the purpose of sending 
requests. 

server 

An application program that accepts connections in order to service requests by 
sending back responses. 

subscriber 

a person who has subscribed to the LifeLine service, can be a patient or doctor. 

patient 

owner & maintainer of personal medical data files, controls access to personal 
medical data. 

doctor 

creater & authorizer of patient medical data files. 
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overall operation 

The LifeLineASP service features automated data capture, data acquisition/input, data 
output/reporting, and data/session security. There are 2 types of subscribers: patients 
and doctors. The LifeLineASP acts as a secure on-line repository of medical data files, 
accessible by both patient and doctor(s) for reference and maintenance. — 


Basically, doctors input and authorize patient medical data on the LifeLine server, and 
patients access this data over the Internet, or request CD-ROMs from the LifeLine 
server. The LifeLineASP, in effect, brokers transfer of medical data between patients! 7 
and their doctors. / 



Patients) 


Doctor(s) 


The following chart shows the primary functions of Statum, patients, and doctors within 
the LifeLine system 


STATUM 

sign-up others (invite) 
customer support 
collect data 
verify data 

create CD-ROMs (3 rd party) 
value add: education 
billing 


DOCTORS 

• sign-up self (subscribe) 

• sign-up others (invite) 

• input data 

• authorize data 

• access data 

• pay & get paid 


PATIENTS 

• sign-up self (subscribe) 

• sign-up others (invite) 

• input data 

• access data 

• share data (controlled) 

• pay 


statum 

sign-up others: Statum customer service representatives (CSRs) sign up patients and 
doctors by inputting their personal information via the CSR web interface. 

customer support: Statum CSRs support patients and doctors via the CSR web 
interface. 

collect data: Statum collects data via the internet and fax. Textual data is collected 
over the internet where possible, and medical files from doctors are collected via fax. 
The automated capture module deciphers and routes faxes based on a cover page. 
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Personal photos can be submitted for scanning by patients. Import filters for electronic 
data from doctor's practice management systems are created on an as needed basis. 

verify data: Statum quality control operators (QCOs) review, verify, and/or route 
incoming data from the automated capture modules where necessary. 


create CD-ROMs: Statum, via a 3 rd party manufacturer, creates and distributes 
LifeLineCDs containing patient medical data. Requests for CD-ROMs are batch 
processed at the end of each day and the archived and encrypted medical data is 
transmitted to the manufacturer via secure ftp or other such secure mechanism. 


value adds: Statum adds value to patient medical records in the form of education 
material customized for each patients needs. This material comes from sources such as 
FirstData. 

billing: Statum offers patients and doctors the ability to pay subscription fees by ove ^^i(C/j * J 
card and pre-authorized debit. Initial subscriptions via the Statum website require a valid r / °U^L, 
credit card. #<nj / 



doctors 

sign-up self: doctors who wish to participate in LifeLine can subscribe themselves to 
the service on-line. 

sign-up others: doctors can invite other doctors or patients to subscribe to LifeLine by 1 nIL^ 
sending them an automated e-mail invitation (similar to ICQ, an online message 
exchange service) that explains the features and benefits of the LifeLine service. 

Input data: doctors (or staff) input data into the LineLine system via secure web 
interface (text or image upload) or fax. 

authorize data: doctors authorize release of medical records and authorize data in the 
LineLine system once the data has been inputted. 

access data: doctors access patient(s) data via secure web interface, dial-up, wap, or 
fax-back. 

pay/get paid: doctors pay their subscription fees by credit card or pre-authorized debit. 
They are paid by Statum for subscribing patients and inputting medical records. 


patients 

sign-up self: patients who wish to participate in LifeLine can subscribe themselves to 
the service on-line. 
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sign-up others: patients can invite doctors or other patients to subscribe to LifeLine by 
sending them an automated e-mail invitation (similar to ICQ, an online message 
exchange service) that explains the features and benefits of the LifeLine service. 

input data: patients input limited data (personal info) into the LineLine system via 
secure web interface (text). 

access data: patients access their data via LifeLineCD, secure web interface, dial-up, 
wap, or fax-back. 

share data: patients can 'share* their medical records with other doctors for referrals or 
for a newly designated doctor. 

pay: patients pay their subscription fees by credit card or pre-authorized debit. 
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Data Layers 

data definitions 

The following chart outlines the data that is tracked by the LifeLine medical record 
database. The data modules give doctors and patients the ability to create and maintain 
their data. The following is a listing of the data modules. Each module requires security 
restrictions based on who and what information is being accessed in accordance with 
the security module described in latter sections of this specification. Each module 
includes, where relevant, preformatted drop down selection menus, data format 
verification and validation, database updated confirmation etc. Each module includes . 
search methods for gaining fast access to files that need to be modified. 


Data Module 

Responsible 
{Patient/Doctor) 

Add 

Modify 

View 

Archive 

Logged 

personal information 

P 

V 


V 

N 

Y 

contact information 

P 

V 



N 

Y 

physician 

P 




Y 

Y 

emergency contact 

P 

V 



N 

Y 

medical insurance 

P 

V 



N 

Y 

family history 

P 

V 

V 

w 

N 

Y 

alternative med 

P 


V 


N 

Y 

allergies 

D 

V 

V 


N 

Y 

diagnosis 

D 

V 


V 

N 

Y 

images 

D 

V 



N 

Y 

immunization 

D 

V 

V 


Y 

Y 

implant devices 

D 




N 

Y 

Rx 

D 

V 


V 

N 

Y 

system 

N/A 

N/A 

N/A 


Y 

Y 


Patient Data Modules 

personal information: 

• Photograph 

• Name (Given, Middle, Surname, Maidenname) 

• Salutation 

• Occupation 

• Employer 

• SIN/SSN 

• Religion 

• Citizenship 

• Marital Status 

• Spouse Name 

• DOB 

• Gender 

• Height 
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• Weight 

• Smoker? 

• Blood Type 

• Organ Donor? 

• Donor Notes 

• Comments 

• Address (home, business, etc.) 

• Phone (home, business, cellular, etc.) 

• E-mail (home, business, etc.) 

• Comments 

physician: 

• Physician 

• Primary? (full-access) 

• Secondary? (read-only) 
V Start, End Date 

• Comments 

emergency contact information: 

• Name (Given, Middle, Surname) 

• Salutation 

• Address (home, business, etc.) 

• Phone (home, business, cellular, etc.) 

• E-mail (home, business, etc.) 

• Comments 

medical insurance: 

• Medical Policy# 

• Medical Insurer 

• Address (home, business, etc.) ■ • 

• Phone (home, business, cellular, etc.) 

• E-mail (home, business, etc.) 

• Notes 

family history: 

• Medical Condition 

• Comments 

alternative medication: 

• Alternative Medication 

• DIN (if any) 

• Dosage (amount, units) 

• Frequency (number, type) 

• Start Date 

• Active? 

• Comments 
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Doctor Data Modules 

allergies: 

• Allergy 

• Comments 

diagnoses: 

• Medical Condition 

• Active? 

• Comments 

images: 

• Physician 

• Type 

• Date 

• Comments 

immunization: 

• Vaccination 

• Date 

• Comments 

implant devices: 

• Device 

• Location 

• Date 

• Manufacturer 

• Model 

• Serial 

• Lot 

• Comments 

prescriptions: 

• Drug 

• DIN 

• Dosage (amount, units) 

• Frequency (number, type) 

• Start Date 

• Comments 

• Active? 

System Data Modules 

login data: 

• Datetime 

• UserlD 

• (un)Successful Login 

• Computer ID (IP address) 
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access data: 

• Datetime 

• UserlD 

• Table 

• Action Performed 
data input (acquisition) 

A secure method is required to initially load (and modify) patient records into the master 
database(s). Data input from a doctor's office can occur in a few ways: 

• direct data entry & image upload 

• fax transmission 

Although direct data entry imposes additional work on the doctor and office staff, it is 
ideal for data that is primarily text (e.g. doctor or patient info, etc.), and for making minor 
changes and corrections. Patients enter their own personal data in the database, and 
having as much information as possible available via drop-down menus reduces 
workload on the doctor. See Appendix A for descriptions and definitions of the existing 
LifeLineCD input forms. 

Scanning provides the best quality images, but requires scanning hardware in the 
doctor's office. An Internet connection is also required for upload of the images. This 
process would entail staff training and extended quality control systems. Wherever 
possible, images can be transmitted by fax (most doctors and staff know the operation of 
a fax machine). 

Using a specially generated cover page, doctor's can fax patient records to Statum, 
automating the data acquisition stage. Based on the cover page, the subsequent pages 
are separated into data or images files and filed with the appropriate patient record. This 
; method is ideal for the initial load of patient records, and for subsequent bulk record 
updates. 

Integration with the doctor's internal practice management system will be looked at in the 
future since a majority of doctor's offices are not yet paperless. 

data storage 

Patient records are stored in a master database(s) on the LifeLine ASP servers). 

Although output methods may manipulate or re-format the records, the data ultimately 
comes from this source. 

data transmission (mediums) 

Patient records are transmitted from one location to another over a number of different 
mediums. Encryption is used to ensure confidentiality and integrity of the data. 
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Passwords and biometric keys create secure access to the data. Transmission 
mediums include: 

1 . LifeLineCD - although the record is stored on the CD-ROM f it is really just 
another method of transmitting the data to another location. 

2. Internet - a secure connection is essential for transmitting over the Internet. 

3. Phone line - phone lines are used for modem connections to the Internet 
(secured via VPN) and IVR / fax-back functionality. 

4. Wireless - the wireless medium can be anything from phones to pagers to 
browsers, extending the reach of phone lines and the Internet to almost 
anywhere in the world. 


data output (formats) 

The primary output of the LifeLine ASP is the patient record. 

The patient record output is generated using the Hyper-Text Markup Language (HTML). 
HTML encoded pages can be stored statically or dynamically, on CD-ROMs and 
Websites respectively. HTML is a detailed specification that allows cross-platform 
access to data, 

Other markup languages to be investigated include the Portable Document Format 
(PDF), suitable for cross-platform viewing, Wireless Markup Language (WML), suitable 
for wireless access, and the Extensible Markup Language (XML), suitable for data 
interchange. 

The patient record output is organized into reports showing either the entire patient 
record or partial reports showing smaller sections of the record such as emergency 
contacts, or allergies. Reports are fully navigable using the hyperlink properties of 
HTML. See Appendix B for descriptions and definitions of existing LifeLineCD output 
reports. 


data access (methods) 

Methods of data storage and data output generally determine the methods of accessing 
or interfacing with the data. Other than plain text, HTML output is considered one of the 
most accessible output formats. 

The primary method of accessing patient records is using a Web Browser A web 
browser can be software on a desktop computer (e.g. Netscape Navigator) or a web- 
enabled wireless device (e.g. RIM Blackberry). Alternate methods of access include 
technologies such as IVR and fax-back. 
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A data access matrix below shows some of the access methods and their respective 
output and transmission methods: 


data transmission 

data format 

data access 


n 1 ML 

Web Browser 

Internet (LAN) 

HTML 

Web Browser 

Internet (LAN) 

PDF 

Web Browser 

Internet (LAN) 

text 

Web Browser 

Internet (Wireless) 

HTML 

Wireless Browser 

lnternet( Wireless) 

WML 

Wireless Browser 

Internet (modem) 

HTML 

Web Browser 

Phone-line (modem) 

text 

Terminal 

Phone-iine (fax) 

HTML 

Fax / Fax Server 

Phone-line (fax) 

PDF 

Fax / Fax Server 

Phone-line (fax) 

text 

Fax / Fax Server 


Examples of transmission, format, and access method pairings 


data security 

Data security controls every user's session access to LifeLine patient data and. control 
functionality based on who they are and what they are able to do and see. There are 
four levels of user security control. These levels include the doctor, the patient, LifeLine 
system staff and LifeLine customer service staff. 

doctor security 

Security at the doctor's level limits the doctor's ability to view records based on the 
patients that he or she is responsible for and patient clinical data. Furthermore logs are 
maintained on all database activities so that all changes can be tracked. No data is 
deleted - rather it can be removed from the active patient file and archived. This helps to 
address liability issues associated with the medical record service. 

patient security 

Security at the patient level limits the patient's ability to view only his or her own records. 
The patient cannot modify data placed into the patient's file by the doctor. However 
sections of the patient's personal file such as addresses, telephone contact numbers, 
and insurance information are modifiable by the patient. Logs are maintained on patient 
files activities similar to the doctor security. 

LifeLine system staff security 

Lifeline System Staff can access a patient record only if the patient consents and gives 
their password (staff are bonded employees and subject to confidentiality covenants in 
their employment agreements). System Staff are able to act in the capacity of either the 
doctor or patient in order to maintain or correct patient file information. As with the 
security features of Doctor and Patient, all changes are tracked and logged for security 
and liability purposes. 


fit? surwM <*$QH? 
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logical servers 

The LifeLine ASP system consists of a number of logical servers or components, 
running on the Microsoft Windows 2000 operating system. 


Web Server 

Microsoft Internet Information Server (IIS) ■ 


. odbc Vt^cX o^k faM- G&^J] -xtt^y^ 

^^ASP + VBSCRIPT (plus javascript where required) v 

• Microsoft Access and/or SQL Server 

• ODBC 

Fax Server 

• AVT RightFAX + Cardiff TELEform 

• C/C++ customization 

Security Server >^^&c ^^^ ^^^ 

• (TBD) CA, RA, CRL.^DA^etrT ( 

Note that multiple logical servers can be located on one or more physical servers. 
Single and multiple server configurations are shown below. 





Fax Server 


a 



Single Server 


Security Server 

Multiple Servers 
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Internet design A devotopment 


Data Flow 


Data flow between entities and logical servers is depicted below. 
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Patients and Doctors are the source of Patient Records. These records are ultimately 
stored in a central database. The records are then accessible by the Patient and 
(selected) Doctors. 
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Appendix A : Existing input Forms 

Patient Record : Name 
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Into met dooton & dovolopmom 
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Annex C 


Dr. Peter R. Newman 
301-3292 Bayview Ave 


North York, ON M2M4J5 


Dear Dr. Newman : 

Please find attached a summary of medical information that has been submitted to our company on behalf of your patient, Mrs. Veena 
Sarin. This information will be used as part of an electronic medical record that the patient will carry. Please take a moment to review 
the information following, and report any discrepancies to our office as soon as possible. 

If you have any questions or concers. please feel free to contact us at (877) 782-8868. 


Active Diagnosis 

1 ;*>; 


Medical Condition 

Comments 


Multinodular Goiter 
Hearing Loss 

onset 1986 - DorsapCyphosia pj?esent 
Hashimoto's ThyrolcHtis_^^ 

Sensorineural on left & conductive bilaterally. Chronic Perforations both 
tympanic membranes. 

Active Prescriptions 

Drug Dosage 

Frequency 

Start Date Comments 

Didrocal 1 Tablet 
ASA-EC 325 mg j 
Hydochlorothiazide 25 mg / 
Altace 10 mg l 

Conjugated Estrogen Sulfate 0.625 mg 

/Daiiey^v 
Dailey \ 
Dailey 
Dailey 

SQaley^/ 

97/11/01. x , 

/ 00/01/01 Ramipril - Replacing enafapril which was 
started in 1991. 

96/08/01 

Allergies j % 

Allergy 

Comments 


None 

Intolerance to SuJindac 

Family History 



Medical Condition 

Comments 


Diabetes 

Immunization History ~ — 



Vaccination 

Date 

Comments 

Pneumovax 23 
TdP 

Influenza 

98/10/01 
98/09/01 

Primary Series 1986. Boosters Nov. 1987 & Sept 

1998 

Anually 

Past Diagnosis j \ 

Medical Condition 

Comments 


Appendicitis Apendectomy 
Tonsillitis Tonsllectomy 

Pneumonia ■ ^ in infancy 

Abdominal Hysterectomy ) 1972 

Fracturey^ Right 5th Metacarpal 

^W^Ks crony 


iPatient Profile 

1 , t 

Date of Birth Smoker? Height (in) 

Weight (lbs) 


1921/01/19 fl 64 129 


Please sign below to indicate that, to the best of your knowledge, the above Information ISjeeCurate and fax to (905) 842-8201. 


Dr. Peter R. Newman 




